* when I say that the program doesn't hang I mean there's a way to prevent this. The fact that the program-site communication context is indeed broken, shouldn't discourage you. Think of it this way: Suppose you wanted to run this app badly, but the company site was either down or (as in our case) malfunctioning. What would you do then?

--edit--one last thing: you can finish this mission without messing with the hosts file or setting up a server, although these are good ideas in general...

Last edited by liantinis on Sun May 19, 2013 11:51 pm, edited 1 time in total.

* when I say that the program doesn't hang I mean there's a way to prevent this. The fact that the program-site communication context is indeed broken, shouldn't discourage you. Think of it this way: Suppose you wanted to run this app badly, but the company site was either down or (as in our case) malfunctioning. What would you do then?

+1 This ^ Going to play with this now just to pull off what you just did. Outstanding.

"The quieter you become, the more you are able to hear..." "Drink all the booze, hack all the things."

* when I say that the program doesn't hang I mean there's a way to prevent this. The fact that the program-site communication context is indeed broken, shouldn't discourage you. Think of it this way: Suppose you wanted to run this app badly, but the company site was either down or (as in our case) malfunctioning. What would you do then?

Bitch and whine in the company forum? This 'exercise' kinda proves a point that online DRM *really* sucks. If the company's DRM site is down, you're screwed.

Seriously though, I'm thinking either a) hex edit the app such that it skips the serial checking. (Not exactly an easy task) b) hex edit the app such that it accepts whatever I enter.

But since you mentioned that a disassembler isn't needed, then I'm a little stumped.

It's way easier than you may think at first. From your previous post I see that you've already done the wireshark thing. You just need to focus on that and rethink your b) branch:

b) hex edit the app such that it accepts whatever I enter.

To put it differently: Think that the communication with the site is OK. If you know what to do in this case, then it's not difficult to figure out what to do in our case.

PS: Suppose that the forum/mail system/wiki/whatever of the 'company' is also down. What would you do then?
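The weakness this hint circles, as an added example that is not part of the thread: a client that trusts a bare "true"/"false" body (the pattern the challenge app seems to use) beside one that only accepts a verdict the server has authenticated and bound to the client's serial and a fresh nonce, so a substituted server or a redirected host cannot hand it a forged "true". The key, serial and function names are assumptions made for the demo.

```python
import hmac
import hashlib
import secrets

# Constructed values for the demo. A shipped product would hold a verifying
# key (ideally a public key, so the client itself cannot mint valid verdicts)
# rather than a shared secret baked into the binary.
SERVER_KEY = b"demo-shared-secret-not-for-production"
SERIAL = "DEMO-SERIAL-1234"


def naive_is_activated(body: str) -> bool:
    """The pattern the thread describes: trust whatever text comes back."""
    return body.strip() == "true"


def server_sign_response(verdict: str, serial: str, nonce: str,
                         key: bytes = SERVER_KEY) -> str:
    """Server side: MAC the verdict together with the serial and the request nonce."""
    msg = f"{verdict}|{serial}|{nonce}".encode()
    mac = hmac.new(key, msg, hashlib.sha256).hexdigest()
    return f"{verdict}|{nonce}|{mac}"


def verified_is_activated(body: str, serial: str, expected_nonce: str,
                          key: bytes = SERVER_KEY) -> bool:
    """Client side: 'true' counts only if the MAC matches our serial and our nonce."""
    try:
        verdict, nonce, mac = body.strip().split("|")
    except ValueError:
        return False          # malformed body, e.g. a bare "true"
    if nonce != expected_nonce:
        return False          # replayed or unrelated response
    msg = f"{verdict}|{serial}|{nonce}".encode()
    expected = hmac.new(key, msg, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(mac, expected):
        return False          # verdict was altered or never came from the key holder
    return verdict == "true"


def new_nonce() -> str:
    """Fresh per-request nonce the client sends along with its serial."""
    return secrets.token_hex(8)
```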

Well, I looked at the url that it was sending to hackthissite.org, and tried it on the browser. It came out 'false', so I'm guessing that I hexedit it to think that whatever returns is ok. (I'm currently thinking disassembly here.. back in the hey-days of DOS hex editing, it was easy; but with Windows, I'm lost.)

Thanks for the info.. My mind's currently blank right now. Gonna have to view the file in a hex editor again and stare at it long enough.

Ix

-- Thu May 23, 2013 3:39 pm --

Haven't really gotten anywhere yet.

Basically I opened the exe in a hex editor and searched through the file for "Status...." or even "Welcome....". I find these string instances. (No, it doesn't help me.) I then see "true" and "false" around there.

Then (bear with me) I opened the EXE in ollydb. I can not, for the life of me, find any of the string instances. I was taking the 'long and hard' way via reverse engineering this app3win. I suppose that's not the way of doing this exercise, but I thought I'd give it a try. Nope. Totally didn't come up with anything. (If someone out there is familiar with ollydb, can you tell me why when I hexedit the EXE file, I see the strings; but when I look at it through ollydb, I don't, even when I searched the whole thing.) I'm guessing I'm doing something wrong.

So, back to the drawing board and b).

PS: Is there a reverse engineering forum or is this a no-no on this site?

Right so, few days back I said I was going to try this. There are a couple of 'easy' ways but it REALLY got me thinking and now I've been trying to pull it off with some tcp injection, without being mitm. I've been banging my head a little bit trying to get it to work. liantinis + 1 again.

impulse_x wrote: PS: Is there a reverse engineering forum or is this a no-no on this site?

REing is ok, as long as what you are attempting to do is not blatantly illegal.

As for this thread. Until the challenge is fixed we're going to go soft on spoilers since a few of us are trying to rehack the simulation.
